Wednesday, May 16, 2012

Echoerz in Colour

It's been a really long time since I drew anything, whether on the computer or on paper. Now I finally got the chance to colour the echoerz logo, which until now was always either white or black :).

Enjoy! :). 

Thursday, April 12, 2012

Forum.echo.or.id Reborn

The http://forum.echo.or.id page has gone without significant changes for quite a long time, and is even quite out-of-date compared with the latest release (a full release generation behind). The main reason no changes were made is the many customizations and PHP code changes we had made previously, which made it impossible to simply upgrade directly to the next version.

This week there was finally a little time to upgrade the forum, to make it better and more attractive, and the following are some of the changes and additions to the forum:

1. Forums and subforums
a) Warez forum (viewforum.php?f=5)
The Warez forum is a room for sharing free applications, shareware and so on. This forum was deactivated several years ago because it violated the hosting provider's rules. It has now been reactivated because echo is now self-hosted and because we feel it is necessary to reactivate it.
b) Computer forensic forum (viewforum.php?f=60)
This forum is a place for discussion related to the field of computer forensics and anti-forensics.

Saturday, March 24, 2012

IDSECCONF 2012 Call For Paper

We, the idsecconf 2012 Makassar committee, are giving computer security practitioners from all over Indonesia the opportunity to participate by submitting papers. The main topic we are looking for is anything related to:

"Security Techniques and their Application to Mobile Technology"

Explicitly, this covers (but is not limited to) hacking techniques (attack, defence) on:
- Mobile devices (smartphones, GPS devices, etc.)
- Network infrastructure and devices (Wireless, 3G, 4G)
- Mobile device operating systems and applications
- Mobile Hardware
- Mobile Programming
- Security audit methods

Tuesday, March 20, 2012

Short Story about Offsec Training: OSCP

After 30 days, right after pwning my PAIN and SUFFERANCE, and taking the exam two weeks after that, last night I sent in the exam report, and this morning I obtained my OSCP certification. Well, it was me who said that certification programs are useless; now I'm taking back half of what I said. Although I believe there are still many kinds of certification that are useless, the kind of course that Offsec has is different: they didn't teach how to hack or become a hacker, but they made us hack to learn.

This is not the type of course for "spoon-fed" people. You get your materials, you get your connection and the lab access, and go "hack as many as you can pwn"; you have "try harder" as your one and only manifesto and Google as your beloved friend. In my 30 days of lab, I pwned all the machines in the student and IT networks, and some of the machines in the dev and admin networks. It was a huge network, but yeah, it was a lot of fun; I really did have Phun.


Saturday, March 17, 2012

Limited Shellcode Space (SEH based BOF example)

Just a quick note in case I meet this situation again. While writing an exploit, I want to place shellcode but the space available is not enough (e.g. below 20 bytes), yet there is still space earlier in the buffer (before the address that overwrites the SE handler). For example, in a SEH-based buffer overflow:

junk1 = 'A'*500   # filler placed before the nseh/seh overwrite
junk2 = 'A'*12    # filler placed after the nseh/seh overwrite
buffy = junk1 + nseh + seh + '\x90'*8 + junk2

So, we need to jump back to at least before the shellcode. For example, if our shellcode is 200 bytes, the buffer will be

buffy = 'A'*300 + shellcode + nseh + seh + '\x90'*8 + junk2

We need to jump back at least 220 bytes to land in junk1, so we need 'junk2' to make the jump back. To do this we can decrement the CH register (decrementing it by 1 decreases ECX by 256 bytes). Before doing that, note that after the POP, POP, RETN the pointer is three places down in the stack; to get this memory address into the ECX register we need to do POP ECX, POP ECX, POP ECX. After that we jump to ECX, and execution moves back 256 bytes from where the original POP, POP, RETN instructions land.

So, here is what we are doing